Drupal is warning that hackers are attempting to exploit a "highly critical" SQL injection vulnerability announced earlier ...

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...

SAP addresses 15 new security vulnerabilities in May. Two are considered critical and allow unauthorized login or SQL injection.

New research highlights how AI-driven exploitation, zero-click vulnerabilities, and fragmented ransomware operations are ...

A newly disclosed security flaw impacting NGINX Plus and NGINX Open has come under active exploitation in the wild, days ...

Web applications rely on multiple layers of infrastructure to process user requests efficiently. Load balancers, reverse proxies, caching servers, and application servers all work together to improve ...

India's software supply chain security challenge is deepening as AI expands the attack surface while many enterprises lack ...

The company — whose recent vulnerabilities have been hit with zero-day and n-day exploits — also released three patches for ...

Lazarus Group has deployed RemotePE, a fully memory-resident trojan that is extremely hard for traditional antivirus and forensic tools to detect.

The use of agentic orchestration in security-critical workflows without multi-layered defense architecture can lead to ...

Critical SAP flaws: SAP patched severe S/4HANA and Commerce vulnerabilities that could allow code injection and data leaks, ...